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1 9 . The method of claim 1 wherein said transmitting said second digital data is 
performed via a wireless RF communication port associated with said portable electronic 
authorization device. 



20. The method of claim 1 wherein said transmitting said second digital data is 
performed via a contact-type parallel communication port associated with said portable electronic 
authorization device. 



21. A portable electronic authorization device for approving a transaction request 
originated from an electronic transaction system, comprising: 

means for receiving at said portable electronic authorization device first digital data, said 
first digital data representing said transaction request; 

means within said portable electronic authorization device for forming second digital 
data responsive to a receipt of said transaction request if a user of said portable electronic 
authorization device approves said transaction request, said second digital data representing 
encrypted data signifying said user's approval of said transaction request; and 

means, coupled to said forming means, for transmitting said second digital data to said 
electronic transaction system. 

22. The portable electronic authorization device of claim 21 wherein said second 
digital data includes at least a portion of said transaction request. 

23 . The portable electronic authorization device of claim 21 further including first 
memory means coupled to said forming means for storing a user's private key for use in 
forming said second digital data in accordance with a public key cryptography technique, 
wherein said forming means includes encrypting means coupled to said first memory means for 
creating said encrypted data with said user's private key using said public key cryptography 
technique, whereby said presence of said user's private key in said first memory means 
eliminates a need to exchange said user's private key between said portable electronic 
authorization device and said electronic transaction system for approving said transaction 
request. 
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24 . The portable electronic authorization device of claim 23 further comprising key 
generation logic coupled to said first memory means for generating said user's private key 
within said portable electronic authorization device. 



25 . The portable electronic authorization device of claim 23 further comprising 
means, coupled to said first memory means, for configuring said portable electronic 
authorization device for said user, said configuring means receives configuration data from an 
issuer of an account capable of transaction via said portable electronic authorization device, said 
configuration data includes at least one of identification data pertaining said user and said private 
key; and 

means for writing said configuration data to memory of said portable electronic 
authorization device. 



26. The portable electronic authorization device of claim 21 further comprising: 

means coupled to said forming means for authenticating said user prior to permitting 
said user to approve said transaction request using said portable electronic authorization device, 
said authenticating means requires one of a password, a finger print, and a voice print. 

27 . The portable electronic authorization device of claim 21 wherein said means for 
transmitting said second digital data includes means for communicating with said electronic 
transaction system using infrared signals. 

28. The portable electronic authorization device of claim 21 wherein said means for 
transmitting said second digital data includes means for communicating with said electronic 
transaction system using wireless RF signals. 

29. The portable electronic authorization device of claim 21 wherein said means for 
transmitting said second digital data includes a contact-type serial port for communicating with 
said electronic transaction system. 
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30. The portable electronic authorization device of claim 21 wherein said means for 
transmitting said second digital data includes a contact-type parallel port for communicating with 
said electronic transaction system. 

3 1 . The portable electronic authorization device of claim 21 further comprising 
means, coupled to said receiving means, for displaying said transaction request for viewing by 
said user. 



32. The portable electronic authorization device of claim 21 further comprising 
means, coupled to said forming means, for said user to indicate that said transaction request is 
approved, said means for said user to indicate that said transaction request is approved causes 
said second digital data to be transmitted from said portable electronic authorization device to 
said electronic transaction system. 

3 3 . The portable electronic authorization device of claim C 1 0 wherein said means for 
said user to indicate that said transaction request is approved represents a switch configured for 
activation by said user. 

34. The portable electronic authorization device of claim 21 wherein said first digital 
data represents an encrypted version of said transaction request, said first digital data being 
encrypted using public key cryptography with a private key associated with a transaction 
partner, wherein said means for receiving further comprising means for decrypting said first 
digital data using a public key associated with said transaction partner. 

3 5 . The portable electronic authorization device of claim 2 1 further comprising 
tamper-proof enclosure means for enclosing said receiving means, said forming means, and 
said transmitting means therein, said tamper-proof enclosure means being configured to prevent 
said user's private key from being extracted from said portable electronic authorization device if 
said tamper-proof enclosure means has been tampered with. 
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36. The portable electronic authorization device of claim 21 wherein said means for 
receiving, means for forming, and means for transmitting are implemented on a single chip. 



37. The portable electronic authorization device of claim 21 wherein said means for 
transmitting said second digital data includes a first PC card communication port associated with 
said portable electronic authorization device. 



38 . The portable electronic authorization device of claim 37 wherein said transaction 
request represents a transaction request for a transaction conducted via a computer network, said 
electronic transaction system includes a computer coupled to said computer network, said 
portable electronic authorization device being configured for plugging into a second PC card 
communication port of said computer to facilitate receiving said first digital data. 

39 . The portable electronic authorization device of claim 2 1 further including a 
power source for providing power to said forming means. 

40. The portable electronic authorization device of claim 21 wherein said second 
digital data comprises at least a portion of said transaction request, said second digital data 
further comprising identification data pertaining said user and a time stamp. 

4 1 . The portable electronic authorization device of claim 21 wherein said transaction 
request represents a request for authenticating an electronic file, said second digital data includes 
an electronic signature for authenticating said electronic file. 

42 . A portable electronic authorization device for approving a transaction request 
originated from an electronic transaction system, comprising: 

first logic circuit configured to receive first digital data representative of said transaction 
request; 
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second logic circuit configured to form second digital data responsive to said transaction 
request received by said first logic circuit if said transaction request is approved by a user of 
said portable electronic transaction device, said second digital data representing encrypted data 
signifying an approval by said user of said transaction request; and 

transmission circuitry coupled to said second logic circuit, said transmission circuitry 
being configured to transmit said second digital data from said portable electronic authorization 
apparatus to said electronic transaction system if said user approves said transaction request. 



43 . The portable electronic authorization device of claim 42 wherein said second 
digital data includes at least a portion of said transaction request. 



44. The portable electronic authorization device of claim 42 wherein said first digital 
data represents an encrypted version of said transaction request, said first digital data being 
encrypted using public key cryptography with a private key associated with a transaction 
partner, wherein said first logic circuit comprises decrypting circuitry configured to decrypt said 
first digital data using a public key associated with said transaction partner. 



45. The portable electronic authorization device of claim 44 further including first 
memory circuit coupled to said decrypting circuitry, said first memory circuit being configured 
for storing a user's private key for use in forming said second digital data in accordance with a 
public key cryptography technique, wherein said second logic circuit includes encrypting logic 
coupled to said first memory circuit for creating said encrypted data with said user's private key 
using said public key cryptography technique, whereby said presence of said user's private key 
in said first memory circuit eliminates a need to exchange said user's private key between said 
portable electronic authorization device and said electronic transaction system for approving said 
transaction request. 

46 The portable electronic authorization device of claim 45 further comprising key 
generation logic coupled to said first memory means for generating said user's private key 
within said portable electronic authorization device. 
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47 The portable electronic authorization device of claim 46 wherein said first logic 
circuit comprises receiving circuit coupled to said decrypting logic, said receiving circuit being 
configured to receive said first digital data from said electronic transaction system prior to 
passing said first digital data to said decrypting logic for decryption, said receiving circuit being 
5 decoupled from said first memory circuit, wherein said user' s private key stored in said first 
memory circuit is inaccessible directly by said receiving logic, thereby preventing said user's 
private key from being accessed from externally without traversing said decrypting logic. 



48 The portable electronic authorization device of claim 47 wherein said 
1 0 transmission circuitry is decoupled from said first memory circuit, wherein said user' s private 
key stored in said first memory circuit is inaccessible directly by said transmission circuit, 
thereby preventing said user's private key from being accessed from externally without 
traversing one of said decrypting logic and said encrypting logic. 



15 49 . The portable electronic authorization device of claim 42 further comprising: 

user authentication mechanism coupled to said second logic circuit, said user 
authentication mechanism being configured to authenticate said user prior to permitting said user 
to approve said transaction request using said portable electronic authorization device, said 
authentication mechanism requires one of a password, a finger print, and a voice print. 

20 

50. The portable electronic authorization device of claim 42 wherein said 
transmission circuitry includes circuitry configured for communicating with said electronic 
transaction system using infrared signals. 

25 51. The portable electronic authorization device of claim 42 wherein said 

transmission circuitry includes circuitry configured for communicating with said electronic 
transaction system using wireless RF signals. 

52. The portable electronic authorization device of claim 42 wherein said 
30 transmission circuitry includes a contact-type serial port for communicating with said electronic 
transaction system. 
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53 . The portable electronic authorization device of claim 42 wherein said 
transmission circuitry includes a contact-type parallel port for communicating with said 
electronic transaction system. 

54. The portable electronic authorization device of claim 42 further comprising a 
display coupled to said first logic circuit, said display being configured to display said 
transaction request for viewing by said user. 



5 5 . The portable electronic authorization device of claim 42 further comprising a 
switch coupled to said second logic circuit, said switch permitting said user to indicate through 
activating said switch that said transaction request is approved by said user. 

56. The portable electronic authorization device of claim 42 further comprising 
tamper-proof enclosure for enclosing said first logic circuit, said second logic circuit, and said 
transmission circuitry therein, said tamper-proof enclosure being configured to prevent said 
user's private key from being extracted from said portable electronic authorization device if said 
tamper-proof enclosure has been tampered with. 

57 . The portable electronic authorization device of claim 42 wherein said first logic 
circuit, said second logic circuit, and said transmission circuitry are implemented on a single 
chip. 

5 8 . The portable electronic authorization device of claim 42 wherein said 
transmission circuitry includes a PC card communication port associated with said portable 
electronic authorization device. 

59 . The portable electronic authorization device of claim 58 wherein said transaction 
request represents a transaction request for a transaction conducted via a computer network, said 
electronic transaction system includes a computer coupled to said computer network, said 
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portable electronic authorization device being configured for plugging into a PC card slot of said 
computer to facilitate receiving said first digital data. 



60. The portable electronic authorization device of claim 42 further including a 
power source to facilitate portability. 



6 1 . The portable electronic authorization device of claim 42 wherein said second 
digital data comprises at least a portion of said transaction request, said second digital data 
further comprising identification data pertaining said user and a time stamp. 



62. The portable electronic authorization device of claim 42 wherein said transaction 
request represents a request for authenticating an electronic file, said second digital data includes 
an electronic signature for authenticating said electronic file. 

63 . In a portable electronic authorization device, a method for approving a 
transaction request originated from an electronic transaction system, comprising: 

receiving at said portable electronic authorization device first digital data, said first digital 
data representing said transaction request; 

if said transaction request is approved by a user of said portable electronic authorization 
device, generating second digital data, said second digital data representing transaction approval 
data signifying said user's approval of said transaction request; 

encrypting within said portable electronic authorization device said second digital data, 
thereby creating third digital data representing an encrypted version of said second digital data; 
and 

transmitting said third digital data from said portable electronic authorization device to 
said electronic transaction system, thereby permitting said electronic transaction system to 
ascertain whether said transaction request is approved by said user. 



64. The method of claim 63 wherein said encrypting is performed using a public key 
cryptography technique, said portable electronic authorization device containing a user' s private 
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key for encrypting said second digital data to form said third digital data, thereby eliminating a 
need to transmit said user's private key from said portable electronic authorization device to said 
electronic transaction system, said third digital data being configured for being decrypted at said 
electronic transaction system using a user's public key. 

65 The method of claim 64 wherein said user's private key is generated by a key 
generation logic within said portable electronic authorization device. 

66. The method of claim 63 further comprising: 

authenticating said user prior to permitting said user to approve said transaction request 
using said portable electronic authorization device, said authenticating requires one of a 
password, a finger print, a voice print at a user authentication mechanism associated with said 
portable electronic authorization device. 

67 . The method of claim 63 wherein said user's private key is generated using a key 
generation logic within said portable electronic authorization device, thereby eliminating a need 
to transmit said user's private key from said electronic transaction system to said portable 
electronic authorization device. 



68 . The method of claim 63 wherein said transmitting said third digital data is 
performed via an infrared communication port associated with said portable electronic 
authorization device. 

69. The method of claim 63 wherein said transmitting said third digital data is 
performed via a wireless RF communication port associated with said portable electronic 
authorization device. 

70. The method of claim 63 wherein said transmitting said third digital data is 
performed via a contact-type parallel communication port associated with said portable electronic 
authorization device. 
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7 1 . The method of claim 63 wherein said transmitting said third digital data is 
performed via a contact-type serial communication port associated with said portable electronic 
authorization device. 



72. The method of claim 63 further comprising displaying said transaction request 
for viewing by said user on a display screen associated with said portable electronic 
authorization device. 



73 . The method of claim 63 further comprising activating an approval switch 
associated with said portable electronic authorization device if said transaction request is 
approved by said user. 

74. The method of claim 63 wherein said first digital data represents an encrypted 
version of said transaction request encrypted using public key cryptography, wherein said 
receiving further comprising decrypting, using decryption logic associated with said portable 
electronic authorization device, said first digital data using a transaction partner's public key . 

15. The method of claim 63 wherein said portable electronic authorization device is 
enclosed in a tamper-proof enclosure, said tamper-proof enclosure being configured to prevent 
said user's private key from being extracted from said portable electronic authorization device if 
said tamper-proof enclosure has been tampered with. 

76. The method of claim 63 wherein said portable electronic authorization device is 
implemented on a single chip. 

77 . The method of claim 63 wherein said transmitting said third digital data is 
performed via a PC card communication port associated with said portable electronic 
authorization device. 
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78 . The method of claim 77 wherein said transaction request represents a transaction 
request for a transaction conducted via a computer network, said electronic transaction system 
includes a computer coupled to said computer network, said portable electronic authorization 

5 device configured for plugging into a PC card slot of said computer to facilitate said receiving 
said first digital data. 

79. The method of claim 63 wherein said portable electronic authorization device is 
configured for portability and includes a power source. 

10 

80. The method of claim 63 wherein said transaction approval data comprises at least 
a portion of said transaction request, said transaction approval data further comprising 
identification data pertaining said user and a time stamp. 

15 81. The method of claim 63 further comprising configuring said portable electronic 

authorization device for said user by receiving configuration data from an issuer of an account 
capable of transaction via said portable electronic authorization device, said configuration data 
includes at least one of identification data pertaining said user and said private key. 

20 82. The method of claim 63 wherein said transaction request represents a request for 

authenticating an electronic file, said transaction approval data includes an electronic signature 
attached to said electronic file. 
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